[pmwiki-users] PmWiki at sourceforge, can it be secured?
Christian Ridderström
christian.ridderstrom at gmail.com
Sat Mar 7 16:13:57 CST 2009
Hi,
For the benefit of the LyX project, I and Bo are looking at using
sourceforge to run the LyX wiki (well, actually the web site).
At sourceforge, we have to store the wiki pages under a 'persistent'
directory. Now, while setting up a test site, I checked and noticed the
following unfortunate behaviour.
* It's possible for one project, 'A', to run a PHP-script that can
write to the persistent directory of project 'B'.
Ooops.
Does anyone know of a workaround for this?
Is using MySql for storing the pages the a solution? Will that be safe?
/Christian
--
Christian Ridderström Mobile: +46-70 687 39 44
More information about the pmwiki-users
mailing list